SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.


Sophos appliance TCPDUMP

I would suggest enabling the TCPDUMP option log for a more detailed view of network traffic.

14 votes

Manuele Simeoni shared this idea

    2 comments

      • Aaron Mason commented

        I just enable shell and run tcpdump from the command line. Also allows one to drill down as deep as needed:

        # tcpdump -i reds0 ip dst 10.0.0.80 and not tcp port 3389

        If you need details, use the -w option to output to a file, scp it to your machine and open it with Wireshark.

        Would be nice to automate this, though. Put time/size limits on it, though; the pcap files can get very big very fast.
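
A bounded capture along the lines suggested in the comment above, as an added example (not code from the commenter or from Sophos): it wraps the same kind of filter with a time limit and a size-capped ring buffer. The function names, output path and limit values are assumptions, as is the availability of `timeout` and of tcpdump's `-C`/`-W` options on the appliance.

```shell
#!/bin/sh
# Added example: bounded tcpdump capture. Stops after MAX_SECONDS and never
# keeps more than FILE_MB * FILE_COUNT megabytes on disk (-C/-W ring buffer).
# Sample call (path and limits are assumed values):
#   bounded_capture reds0 300 50 4 /tmp/trace.pcap ip dst 10.0.0.80 and not tcp port 3389

# is_pos_int VALUE: true only for a positive decimal integer, no leading zero
is_pos_int() {
    case $1 in
        ''|0*|*[!0-9]*) return 1 ;;
    esac
}

# capture_disk_cap_mb FILE_MB FILE_COUNT: worst-case disk use of the ring, in MB
capture_disk_cap_mb() {
    is_pos_int "$1" && is_pos_int "$2" || return 2
    echo $(( $1 * $2 ))
}

# bounded_capture IFACE MAX_SECONDS FILE_MB FILE_COUNT OUTFILE FILTER...
# With DRY_RUN=1 the command line is printed instead of being run.
bounded_capture() {
    [ "$#" -ge 6 ] || {
        echo "usage: bounded_capture IFACE SECS MB COUNT OUTFILE FILTER..." >&2
        return 2
    }
    iface=$1; secs=$2; mb=$3; count=$4; out=$5
    shift 5
    is_pos_int "$secs" && is_pos_int "$mb" && is_pos_int "$count" || {
        echo "time and size limits must be positive integers" >&2
        return 2
    }
    case $iface in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface name: $iface" >&2; return 2 ;;
    esac
    # -n: no DNS lookups; -C: rotate every MB million bytes; -W: keep COUNT files.
    # timeout sends SIGTERM, which tcpdump handles by closing the capture file.
    set -- timeout "$secs" tcpdump -n -i "$iface" -C "$mb" -W "$count" -w "$out" "$@"
    if [ "${DRY_RUN:-0}" = 1 ]; then
        echo "$*"
    else
        "$@"
    fi
}
```

Because `-W` makes the files a ring, the oldest data is overwritten once the cap is reached, so size the limits to cover the window you need before copying the files off with scp.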
